Cloud Security: “How,” Not “If”

Larry Hughes

cloud-security

IT concerns about cloud security are receding as organizations move into the cloud and deploy various cloud scenarios as an integral part of their IT service infrastructure. A survey conducted by Clutch found that 64% of enterprises consider cloud infrastructure a “more secure” alternative to legacy systems, and 22% perceive security as a top benefit of the cloud. That’s not surprising since, as the report points out, many cloud services boast 24-hour monitoring and multi-layered security infrastructures of identity management, data encryption, proactive management, and compliance and governance systems.

Cloud services also take the significant burden of security updates off of enterprises, which often fall behind, opening up major security holes. Most cloud services are audited on a yearly basis ̶ more often than most on-premises infrastructure deployments.

Enterprises have also achieved cloud security by filling in the perceived security gaps in their cloud provider infrastructure and constructing the best, most secure hybrid cloud architecture for their needs. According to the Clutch report, 75% of enterprise respondents implement security measures beyond those provided by the cloud vendor, including data encryption, identity access policies and regular audits. More than half of the respondents spend up to $500,000 annually on these additional measures.

An Architecture of Control

Many IT professionals find that with a carefully planned architecture, sufficient cloud security and compliance are more than possible. A carefully crafted hybrid architecture can solve most cloud security issues, as we point out in our blog Hybrid Cloud Scenarios: Control the Data. One strategy is to put the application, servers and everything else but your enterprise data in the public cloud, keeping data on-premises where you can maintain control of its security and protection. Or, you can slice the data such that only sensitive data stays private. By doing so, you always know exactly where your data is, maintaining privacy, redundancy and compliance. Equinix’s newly introduced Data Hub solution also enables enterprises to implement a secure data protection and replication environment outside of the public cloud ̶ unless public cloud integration is required, then that can be easily accomplished via direct and secure interconnection through the Equinix Cloud Exchange.

Some of the challenges that enterprises face when separating applications and data are performance and latency, especially if WAN connections run long distance over the Internet. You can address these challenges in a couple of ways. First, you colocate private cloud storage in the same data center as your cloud provider’s compute capability and interconnect them with direct, proximate, high-speed connections. NetApp’s Private Storage for Microsoft Azure and AWS and EMC’s Private Storage for Azure are two solutions that let you take advantage of this scenario. You can even implement a cloud-to-cloud failover solution for additional business protection.

Another solution is placing the Equinix Data Hub close to sources, users, applications and analytics that need fast, low-latency data access. There are a number of scenarios that can be deployed with a Data Hub that maintain data security while enabling high-performance, and we describe some in our blog post, “Data Hub Use Cases: Taking on the Data Explosion.”

Increasingly, it’s no longer a matter of whether the cloud is or isn’t secure. It’s really about crafting a detailed strategy and architecture that delivers the exact level of security and compliance your organization requires.